Red Hat Bugzilla – Bug 480432
setroubleshootd killed - apparently by selinux
Last modified: 2009-01-19 16:17:20 EST
Created attachment 329273 [details]
a file found in /var/log/setroubleshoot/
Description of problem:
On a freshly installed "from scratch" F10 system setroubleshootd dies in what it looks like at random. Traces show up in "bad" moments, like a shutdown sequence or during a boot (where they will be wiped out before there will be a chance to look at those) but I managed to get the following one:
Traceback (most recent call last):
File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 350, in auto_save_callback
File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 327, in save
File "/usr/lib/python2.5/site-packages/setroubleshoot/xml_serialize.py", line 308, in write_xml
No idea how complete that may be.
Nothing of that sort in logs anywhere. At this moment
'service setroubleshoot status' responds with:
setroubleshootd dead but pid file exists
That happened already a number of times on a machine installed yesterday
Everything I found in /var/log/setroubleshoot/setroubleshootd.log is attached.
What is even more disconcerting is that selinux has constant complaints
about wpa_supplicant, NetworkManager, console-kit-daemon, pm-powersave,
gdm-session-worker, dbus-daemon, sendmail. Rebooting after
'touch /.autorelabel' did not help. 'rpm -V ...' on various related
packages is always silent.
Version-Release number of selected component (if applicable):
The machine on which this happens is eeepc 1002HA netbook.
Are you running an ext4 file system? If so you need to update to the latest kernel. There is a bug in the kernel that causes lots of confined domains to get spurious sys_resource avc messages, Any avc messages about setroubleshoot cause it to exit to prevent infinite loops.
Please update to the latest kernel.
> Are you running an ext4 file system?
Yes, indeed, I do on that particular machine.
> If so you need to update to the latest kernel.
But it is already running the latest kernel from the current updates, i.e 22.214.171.124-159.fc10. Or you mean something from updates-testing? Or from koji? Is there some known minimum which is required?
126.96.36.199-168 and later according to the changelog.
188.8.131.52-168 I mean.